Original Release Date: 4/28/2023
Threat actors continue to use various vishing tactics to gain access to customers’ operating systems via remote desktop protocol (RDP) in order to compromise accounts and PII and steal funds. Vishing, or voice phishing, is the use of fraudulent phone numbers that purport to belong to a reputable company in order to steal funds or PII. Threat actors may send phishing emails or SMiShing text messages containing these fraudulent phone numbers along with keywords that incite fear or urgency to entice the victim to contact the “company” via the fraudulent number. Once contacted, the threat actor coerces the victim into granting them access to the targeted operating system via RDP. These tactics are often referred to as tech support scams and call center fraud, which resulted in at least $800 million of reported losses in 2022, according to the FBI’s 2022 Internet Crime Report.
The NJCCIC recently received reports of threat actors using search engine optimization (SEO) poisoning to display phony tech support or customer service numbers for reputable companies and retail services. SEO poisoning is a tactic in which threat actors create malicious websites and use techniques such as targeted keywords to raise their search rankings, causing these websites to appear among the first search results. Unsuspecting users who click on these “poisoned” search results without scrutiny could navigate to these malicious sites, inadvertently installing malware on their devices or divulging sensitive information to threat actors. Legitimate financial institutions will not require remote access to operating systems, nor will legitimate companies request wire or online funds transfers to perform services. These requests should be considered suspicious and reported to the legitimate organization as fraud.
The NJCCIC recommends users exercise caution with emails and SMS text messages that contain alerts or charges for services that were not rendered. Carefully examine unsolicited communications for signs of phishing and spoofing, and verify any included phone numbers against the official, legitimate contact information provided on the company’s website before contacting the sender. Avoid clicking links in suspicious emails and navigate directly to official websites instead. Additionally, exercise caution with unsolicited calls from unknown contacts, and refrain from providing sensitive information or access to operating systems. If suspicious inquiries are made by individuals claiming to represent a trustworthy organization, hang up and call the organization using the official phone number found on its website.
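As an added illustration of the verification step above (example code, not part of the NJCCIC advisory), the following Python screens a message for the indicators the advisory describes: a callback number that is not on the impersonated company’s published list, fear or urgency keywords, and requests for remote access or a funds transfer. The company names, official numbers and sample message are constructed placeholders.

```python
import re

# Constructed allowlist of each company's official support numbers (placeholder
# values, not real numbers); populate it from the companies' official websites.
OFFICIAL_NUMBERS = {
    "examplebank": {"8005550100"},
    "exampleretail": {"8885550199"},
}

# Indicator phrases drawn from the advisory: fear/urgency lures, remote-access requests, funds transfers.
URGENCY_WORDS = ("urgent", "immediately", "suspended", "unauthorized", "charge", "locked")
REMOTE_ACCESS_WORDS = ("remote desktop", "rdp", "remote access", "grant access")
FUNDS_WORDS = ("wire transfer", "online transfer", "gift card")

# North American numbers with an optional +1 prefix and common separators.
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?(\d{3})\)?[\s.-]?(\d{3})[\s.-]?(\d{4})\b")


def extract_numbers(text):
    """Return the 10-digit phone numbers found in the text, digits only."""
    return {"".join(groups) for groups in PHONE_RE.findall(text)}


def assess_message(text, claimed_company):
    """Screen a message claiming to come from `claimed_company`; returns verdict, numbers, reasons."""
    lowered = text.lower()
    numbers = extract_numbers(text)
    official = OFFICIAL_NUMBERS.get(claimed_company.lower(), set())
    unverified = sorted(numbers - official)
    reasons = []
    if unverified:
        reasons.append(f"callback number(s) not on the official list: {unverified}")
    urgency = [w for w in URGENCY_WORDS if w in lowered]
    if urgency:
        reasons.append(f"fear/urgency keywords: {urgency}")
    if any(w in lowered for w in REMOTE_ACCESS_WORDS):
        reasons.append("asks for remote access to the device")
    if any(w in lowered for w in FUNDS_WORDS):
        reasons.append("asks for a funds transfer")
    # An unpublished callback number combined with any pressure tactic is the
    # pattern the advisory describes; a lone indicator still warrants verification.
    if unverified and len(reasons) > 1:
        verdict = "likely vishing"
    elif reasons:
        verdict = "suspicious"
    else:
        verdict = "no indicators"
    return {"verdict": verdict, "numbers": sorted(numbers), "reasons": reasons}


if __name__ == "__main__":  # constructed sample SMS in the style the advisory describes
    print(assess_message("ALERT: Your ExampleBank account has been suspended after an "
                         "unauthorized charge of $499. Call 1-800-555-0123 immediately.", "ExampleBank"))
```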
Users who suspect they may have fallen victim to this or a similar phishing campaign are urged to review and monitor bank accounts for unauthorized transactions and to report fraudulent activity to their financial institution, local police department, and the Federal Trade Commission. Phishing emails and other malicious cyber activity can be reported to the NJCCIC and the FBI’s IC3.